OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Profile of VEbzuT6X »
  • Show Posts »
  • Messages
  • Profile Info
    • Summary
    • Show Stats
    • Show Posts...
      • Messages
      • Topics
      • Attachments

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

  • Messages
  • Topics
  • Attachments

Messages - VEbzuT6X

Pages: [1]
1
General Discussion / Insight graphs
« on: April 07, 2018, 05:48:54 pm »
Hey,

I've got as couple of questions re. Insights graphs.
First, does anyone know what mystery interface '9' is in the image below?
I don't see it often but when I do I can see no reason for it.



Also, does anyone know if Insight displays both sender and responder port numbers?



I don't have port 30243 open in my firewall, so what am I seeing here?

Thanks!

2
General Discussion / netflow graphs
« on: December 06, 2017, 08:42:32 pm »


Probably a stupid question but i'm not sure what i'm looking at.

Most of the ports i'm seeing usage on are ports i've open.  The 27***'s are steam, i've got 7k through 9k open for rocket league, but 10000?  That's not a port i've enable access to, it's not in any of my aliases, etc, so why's it showing up in the graph?

Does this graph show port usage from both directions?

3
General Discussion / Re: Suricata on WAN int; very low CPU usage; is it really doing anything?
« on: October 22, 2017, 09:42:23 pm »
If i'm understanding you correctly you're saying setting Suricara to monitor the WAN interface is pointless?

If it doesn't inspect HOME_NET addresses, why am I seeing so much more CPU usage when Suricata's conf'd to inspect LAN instead of WAN?

4
General Discussion / Suricata on WAN int; very low CPU usage; is it really doing anything?
« on: October 22, 2017, 09:22:27 pm »
I've noticed Suricata's CPU usage rarely exceeds 3% when set to monitor just the WAN interface.

If I configure it to monitor LAN, or both LAN and WAN, (depending on throughput) Suricata's CPU usage can get >100%, which I guess I should expect to see?

I'm running the latest version of opnsense on an APU2C4.

Currently Suricata's conf'd to run on both WAN and LAN; here's an ifconfig output:

igb0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=4400b8<VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,VLAN_HWTSO,TXCSUM_IPV6>

igb1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=5400b8<VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,VLAN_HWTSO,NETMAP,TXCSUM_IPV6>

Thanks in advance.

Pages: [1]
OPNsense is an OSS project © Deciso B.V. 2015 - 2024 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2